npm - @pellux/goodvibes-agent - Versions diffs - 0.1.20 → 0.1.22 - Mend

@pellux/goodvibes-agent 0.1.20 → 0.1.22

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/CHANGELOG.md +8 -0
package/package.json +1 -1
package/src/tools/wrfc-agent-guard.ts +68 -0
package/src/version.ts +1 -1

package/CHANGELOG.md CHANGED Viewed

@@ -2,6 +2,14 @@
 All notable changes to GoodVibes Agent will be recorded here.
+## 0.1.22 - 2026-05-31
+- 07e4445 Mark control tool read-only in agent runtime
+## 0.1.21 - 2026-05-31
+- d83f325 Keep inspect scaffold dry-run-only in agent runtime
 ## 0.1.20 - 2026-05-31
 - c0eca13 Block settings mutation tool in agent runtime

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@pellux/goodvibes-agent",
-  "version": "0.1.20",
+  "version": "0.1.22",
   "private": false,
   "description": "Near-fork GoodVibes operator assistant with the GoodVibes TUI shell, renderer, input, fullscreen workspace, and daemon-connected Agent product brain.",
   "type": "module",

package/src/tools/wrfc-agent-guard.ts CHANGED Viewed

@@ -54,6 +54,12 @@ type StateToolArgs = {
   readonly [key: string]: unknown;
 };
+type InspectToolArgs = {
+  readonly mode?: unknown;
+  readonly dryRun?: unknown;
+  readonly [key: string]: unknown;
+};
 type AgentToolPolicyGuardOptions = {
   readonly getLastUserMessage?: () => string | null;
 };
@@ -90,6 +96,7 @@ const READ_ONLY_TEAM_TOOL_MODES = ['list', 'show'] as const;
 const READ_ONLY_WORKLIST_TOOL_MODES = ['list', 'show'] as const;
 const READ_ONLY_PACKET_TOOL_MODES = ['list', 'show'] as const;
 const READ_ONLY_QUERY_TOOL_MODES = ['list', 'show'] as const;
+const READ_ONLY_CONTROL_TOOL_MODES = ['commands', 'panels', 'subscriptions', 'sandbox-presets'] as const;
 const READ_ONLY_REMOTE_TOOL_MODE_SET = new Set<string>(READ_ONLY_REMOTE_TOOL_MODES);
 const READ_ONLY_CHANNEL_TOOL_MODE_SET = new Set<string>(READ_ONLY_CHANNEL_TOOL_MODES);
 const READ_ONLY_MCP_TOOL_MODE_SET = new Set<string>(READ_ONLY_MCP_TOOL_MODES);
@@ -104,6 +111,7 @@ const READ_ONLY_TEAM_TOOL_MODE_SET = new Set<string>(READ_ONLY_TEAM_TOOL_MODES);
 const READ_ONLY_WORKLIST_TOOL_MODE_SET = new Set<string>(READ_ONLY_WORKLIST_TOOL_MODES);
 const READ_ONLY_PACKET_TOOL_MODE_SET = new Set<string>(READ_ONLY_PACKET_TOOL_MODES);
 const READ_ONLY_QUERY_TOOL_MODE_SET = new Set<string>(READ_ONLY_QUERY_TOOL_MODES);
+const READ_ONLY_CONTROL_TOOL_MODE_SET = new Set<string>(READ_ONLY_CONTROL_TOOL_MODES);
 const LOCAL_AGENT_DENIAL = [
   'GoodVibes Agent does not spawn local Engineer/Reviewer/Tester/Verifier roots or run local WRFC chains.',
@@ -159,12 +167,24 @@ const SETTINGS_MUTATION_DENIAL = [
   'Secrets, tokens, passwords, daemon lifecycle settings, and service exposure settings require explicit user action outside the model tool surface.',
 ].join(' ');
+const INSPECT_WRITE_DENIAL = [
+  'GoodVibes Agent only uses inspect scaffold mode for dry-run planning from the main conversation.',
+  'File scaffolding and code creation are disabled in the Agent model tool surface.',
+  'Delegate explicit build/implement/fix/review work to GoodVibes TUI instead.',
+].join(' ');
 const DURABLE_WORKFLOW_MUTATION_DENIAL = [
   'GoodVibes Agent only inspects copied durable workflow tools from the main conversation.',
   'Task, team, worklist, packet, and query creation or lifecycle mutation is disabled here.',
   'Use explicit Agent CLI/slash commands or GoodVibes TUI delegation for intentional workflow changes.',
 ].join(' ');
+const CONTROL_MUTATION_DENIAL = [
+  'GoodVibes Agent only inspects copied product-control surfaces from the main conversation.',
+  'Product-control mutation, daemon lifecycle, and service posture changes are disabled here.',
+  'Use explicit Agent CLI/slash commands for Agent-owned changes, and keep daemon lifecycle external.',
+].join(' ');
 export function installAgentToolPolicyGuard(registry: ToolRegistry, options: AgentToolPolicyGuardOptions = {}): void {
   const agentTool = registry.list().find((tool) => tool.definition.name === 'agent');
   if (!agentTool) throw new Error('Agent tool policy guard could not find the agent tool.');
@@ -200,6 +220,18 @@ export function installAgentToolPolicyGuard(registry: ToolRegistry, options: Age
       wrapStateToolForAgentPolicy(tool);
     } else if (tool.definition.name === 'goodvibes_settings') {
       wrapBlockedSettingsToolForAgentPolicy(tool);
+    } else if (tool.definition.name === 'inspect') {
+      wrapInspectToolForAgentPolicy(tool);
+    } else if (tool.definition.name === 'control') {
+      wrapModeRestrictedToolForAgentPolicy(tool, {
+        allowedModes: READ_ONLY_CONTROL_TOOL_MODES,
+        modeSet: READ_ONLY_CONTROL_TOOL_MODE_SET,
+        description: [
+          'Read-only product-control inspection for GoodVibes Agent.',
+          'Command, panel, subscription, and sandbox preset catalogs can be inspected, but product-control mutation and daemon lifecycle are external.',
+        ].join(' '),
+        denial: CONTROL_MUTATION_DENIAL,
+      });
     } else if (tool.definition.name === 'task') {
       wrapModeRestrictedToolForAgentPolicy(tool, {
         allowedModes: READ_ONLY_TASK_TOOL_MODES,
@@ -320,6 +352,17 @@ export function wrapBlockedSettingsToolForAgentPolicy(tool: Tool): void {
   tool.execute = async () => ({ success: false, error: SETTINGS_MUTATION_DENIAL });
 }
+export function wrapInspectToolForAgentPolicy(tool: Tool): void {
+  narrowInspectToolDefinitionForAgentPolicy(tool);
+  const originalExecute = tool.execute.bind(tool);
+  tool.execute = async (args) => {
+    const inspectArgs = args as InspectToolArgs;
+    const denial = validateInspectToolInvocationForAgentPolicy(inspectArgs);
+    if (denial) return { success: false, error: denial };
+    return originalExecute(normalizeInspectToolInvocationForAgentPolicy(inspectArgs) as Parameters<Tool['execute']>[0]);
+  };
+}
 export function validateExecToolInvocationForAgentPolicy(args: ExecToolArgs): string | null {
   if (args.parallel === true) return BACKGROUND_EXEC_DENIAL;
   if (Array.isArray(args.file_ops) && args.file_ops.length > 0) return BACKGROUND_EXEC_DENIAL;
@@ -404,6 +447,16 @@ export function validateStateToolInvocationForAgentPolicy(args: StateToolArgs):
   return null;
 }
+export function validateInspectToolInvocationForAgentPolicy(args: InspectToolArgs): string | null {
+  if (args.mode === 'scaffold' && args.dryRun === false) return INSPECT_WRITE_DENIAL;
+  return null;
+}
+export function normalizeInspectToolInvocationForAgentPolicy(args: InspectToolArgs): InspectToolArgs {
+  if (args.mode !== 'scaffold') return args;
+  return { ...args, dryRun: true };
+}
 type ModeRestrictedToolPolicy = {
   readonly allowedModes: readonly string[];
   readonly modeSet: ReadonlySet<string>;
@@ -470,13 +523,16 @@ export const AGENT_READ_ONLY_TEAM_TOOL_MODES = READ_ONLY_TEAM_TOOL_MODES;
 export const AGENT_READ_ONLY_WORKLIST_TOOL_MODES = READ_ONLY_WORKLIST_TOOL_MODES;
 export const AGENT_READ_ONLY_PACKET_TOOL_MODES = READ_ONLY_PACKET_TOOL_MODES;
 export const AGENT_READ_ONLY_QUERY_TOOL_MODES = READ_ONLY_QUERY_TOOL_MODES;
+export const AGENT_READ_ONLY_CONTROL_TOOL_MODES = READ_ONLY_CONTROL_TOOL_MODES;
 export const AGENT_REMOTE_MUTATION_DENIAL_MESSAGE = REMOTE_MUTATION_DENIAL;
 export const AGENT_CHANNEL_ACTION_DENIAL_MESSAGE = CHANNEL_ACTION_DENIAL;
 export const AGENT_MCP_SECURITY_MUTATION_DENIAL_MESSAGE = MCP_SECURITY_MUTATION_DENIAL;
 export const AGENT_FETCH_NETWORK_MUTATION_DENIAL_MESSAGE = FETCH_NETWORK_MUTATION_DENIAL;
 export const AGENT_STATE_MUTATION_DENIAL_MESSAGE = STATE_MUTATION_DENIAL;
 export const AGENT_SETTINGS_MUTATION_DENIAL_MESSAGE = SETTINGS_MUTATION_DENIAL;
+export const AGENT_INSPECT_WRITE_DENIAL_MESSAGE = INSPECT_WRITE_DENIAL;
 export const AGENT_DURABLE_WORKFLOW_MUTATION_DENIAL_MESSAGE = DURABLE_WORKFLOW_MUTATION_DENIAL;
+export const AGENT_CONTROL_MUTATION_DENIAL_MESSAGE = CONTROL_MUTATION_DENIAL;
 function isRecord(value: unknown): value is Record<string, unknown> {
   return typeof value === 'object' && value !== null && !Array.isArray(value);
@@ -610,8 +666,20 @@ function narrowStateToolDefinitionForAgentPolicy(tool: Tool): void {
   narrowStringEnumProperty(properties, 'analyticsAction', READ_ONLY_STATE_ANALYTICS_ACTIONS, 'Read-only analytics actions allowed by GoodVibes Agent.');
 }
+function narrowInspectToolDefinitionForAgentPolicy(tool: Tool): void {
+  tool.definition.description = [
+    'Inspect and analyze project structure for GoodVibes Agent.',
+    'Scaffold mode is dry-run-only in the main conversation; code creation must be delegated to GoodVibes TUI.',
+  ].join(' ');
+  const properties = tool.definition.parameters.properties;
+  if (!isRecord(properties)) return;
+  delete properties.dryRun;
+}
 function narrowModeToolDefinitionForAgentPolicy(tool: Tool, allowedModes: readonly string[], description: string): void {
   tool.definition.description = description;
+  tool.definition.sideEffects = [];
   const properties = tool.definition.parameters.properties;
   if (!isRecord(properties)) return;

package/src/version.ts CHANGED Viewed

@@ -6,7 +6,7 @@ import { join } from 'node:path';
 // The prebuild script updates the fallback value before compilation.
 // Uses import.meta.dir (Bun) to locate package.json relative to this file,
 // which is correct regardless of the process working directory.
-let _version = '0.1.20';
+let _version = '0.1.22';
 let _sdkVersion = '0.33.35';
 try {
   const pkg = JSON.parse(readFileSync(join(import.meta.dir, '..', 'package.json'), 'utf-8')) as {